These two articles both address the new security flaws in Microsoft software and how Microsoft urges customers to install the security patches.
I found the articles interesting because one of the security threats involves how Windows handles certain graphic files. It is related to how older versions of Internet Explorer handle malformed Windows Meta File image (WMF) and Enhanced Meta File image (EMF) formats. Users could be attacked simply by viewing a malicious image on a website, in an e-mail, or in an image viewer. The two formats could potentially allow a hacker or virus write to gain control over the PC. Microsoft recommends upgrading to IA6 and said it may issue a security patch.
The next security control caught my attention since it talked about access controls which related to our discussions in class and the goal of access control which is to Maintain confidentiality and integrity and because specify what users and processes can do and access. Microsoft warned of a problem with overly permissive access controls in Windows XP and Windows Server 2003.
The access control issue could be exploited by a user with low privileges to run programs and commands that normally require a higher privilege level, Microsoft said. The software maker suggests installing Service Pack 2 on Windows XP or Service Pack 1 on Windows Server 2003 to limit exposure, or manually changing access controls on the four affected Windows components.
Reference:
Microsoft warns of new Windows security issues
Microsoft warns of latest flaws